In order to get the Maven configuration of Sonar right, I wanted to have a local Sonarqube to test with. Using Docker, this is totally trivial. Run the Docker container You should already have Docker running on your local machine. Download the Sonarqube container from Docker Hub like this docker pull sonarqube After downloading, start the container via docker run -d --name sonarqube -p 9000:9000… [read more →]

Another great plugin for security and application stability is the Maven Enforcer plugin. You don't want to end up in JAR hell :) You can use the Enforcer plugin for the following tasks. Dependency convergence Requires that dependency version numbers converge. If a project has two dependencies, A and B, both depending on the same artifact, C, this rule will fail the build if A depends on a… [read more →]